MDKSA-2000:013

Problem description

The OpenBSD team discovered a vulnerability in it that allows for
remote exploitation by a corrupt dhcp server, (or an attacker pretending
to be a dhcp server). If this vulnerability is exploited, root access
can be gained on the host running dhcp client remotely. The problem is
that input is not checked and, as a result, it is possible to execute
commands remotely when the network config files are being written on
the dhcp client.